LDAP login is only working for Primary Hub .While the secondary hubs are configured for LDAP the same way as the primary is and the ACL's are there, LDAP users are not able to log into Infrastructure Manager from the secondary hubs
All UIM versions
It is not required to make LDAP settings on all the hubs for LDAP login in CA Unified infrastructure Management.
You can set Primary Hub as the UIM Proxy Hub in your secondary hub LDAP settings
You will have to set secondary hubs as LDAP 'proxy' hubs. You can do this on Linux or Windows hubs.
To do this, open the hub GUI on the hub in question and go to the Settings/LDAP tab like you normally would for configuring LDAP.
On this screen set the radio button for "Nimsoft Proxy Hub" and then check the box for "Proxy LDAP Authentication".
Now pull down the drop-down menu and locate the Primary Hub in the list. It will ask if you want to use this hub as a proxy hub - say yes then click OK and restart the hub.
After this your LDAP requests will be forwarded to the primary hub which will in turn forward them to the LDAP server for authentication.
To summarize the primay hub will have the LDAP authentication, and if authenticating onto a secondary hub, that hub will use the primary hub as an LDAP proxy hub, which is the normal configuration.
Hub IM GUI Reference